<?php

namespace app\http\middleware;

use think\facade\Request;

class SignValidator
{
    public function handle($request, \Closure $next)
    {
        $secret = env('api_secret');
        $time_stamp = Request::get('time_stamp',Request::post('time_stamp',0));
        $sign = Request::get('sign',Request::post('sign',0));
        $validate = validate_time_stamp($time_stamp);
        if ($validate['error_code'] != 0) {
            wapAjaxReturn($validate['error_code'], $validate['msg']);
            return false;
        }

        if(Request::isPost()){
            $params = Request::post();
        }else{
            $params = Request::get();
        }

        unset($params['sign']);
        //echo getApiSignature($params, $secret);exit;
        if (getApiSignature($params, $secret) != $sign) {
            wapAjaxReturn('80010', '签名失败',getApiSignature($params, $secret));
            return false;
        }

        return $next($request);

    }
}
